Yes, from the linux box I can reach everything. These are some things I found in /var/log/messages:
kernel: martian source 208.53.98.198 from 127.0.0.1, on dev eth0
kernel: ll header: 00:50:fc:89:70:ef:00:06:28:cf:ad:e0:08:00

These are the forwarding rules for the clients on the 208.53.164.0/24 net:

iptables -A INPUT -s $IP -i eth1 -m mac --mac $MAC
iptables -A FORWARD -s $IP -i eth1 -m mac --mac $MAC

I tried with no firewall at all (service iptables stop), but still no luck. Should I create some rule to make it work?

I also disabled rp_filter in /proc/sys/net/ipv4/conf/

all
default
eth0
eth1
(except loopback - I forgot)

The strange thing is that I could route doing nat with private ip addresses but it doesn't like public ip addresses. I'm really confused.

-----Original Message-----
From: Bret Hughes <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Date: 11 Sep 2003 23:15:05 -0500
Subject: Re: Routing problem

> On Thu, 2003-09-11 at 22:43, gaston wrote:
> >              Internet
> >                 |
> >                 |
> >         ________|________
> >         |               |
> >         |  Cisco 2600   |
> >         |               |
> >         IP: 208.53.98.254
> >         |_______________|
> >                 |
> >                 |
> >                 |
> >                 |
> >                 |
> >                 |
> >         ________|_________
> >         |               |
> >         |   Switch 1    |
> >         |_______________|
> >                 |
> >                 |
> >                 |
> >                 |
> >                 |
> >       ETH0 ---> IP:208.53.98.198 Net 208.53.98.0/25
> >         ________|________
> >         |               |
> >         |     Linux     |
> >         |_______________|
> >                 |
> >       ETH1 --> IP:208.53.164.254 Net 208.53.164.0/24
> >                 |
> >                 |
> >         ________|_________
> >         |               |
> >         |   Switch 2    | ------ Clients
> >         |_______________|
> >
> > Red Hat Linux 9
> > Kernel: 2.4.20-8
> > I used the traditional routing config (without iproute2)
> >
> > Routing table:
> >
> > 208.53.98.128   0.0.0.0         255.255.255.128  U   0  eth0
> > 208.53.164.0    0.0.0.0         255.255.255.0    U   0  eth1
> > 169.254.0.0     0.0.0.0         255.255.0.0      U   0  eth1
> > 127.0.0.0       0.0.0.0         255.0.0.0        U   0  lo
> > 0.0.0.0         208.53.98.254   0.0.0.0          UG  0  eth0
> >
> > Cisco 2600 config:
> >
> > ip route 208.53.164.0 255.255.255.0 208.53.98.198
> >
> > /proc/sys/net/ipv4
> >
> > ip_forward:1
>
> Good
>
> > /proc/sys/net/ipv4/conf/ethX
> >
> > Problem:
> >
> > This configuration didn't work. From the clients network (208.53.164.0) I
> > could only reach (ping) the Cisco router but was unable to reach
> > Internet.
> >
> > Yes, the cisco knows that everything going to the net 208.53.164.0 goes
> > through the linux.
> >
> > I did a traceroute from one of the clients to cisco's website ip:
> >
> > 1st hop --> 208.53.164.254
> > 2nd hop --> Time out
> > 3rd --> Time out
> > and so on
> >
> > The only quick solution was to connect Switch 1 with Switch 2.
>
> Can the linux box get out?
>
> What about firewall rules on the linux box. Do you have a forward rule
> for 208.53.164.0/24
>
> anything in /var/log/messages?
>
> Bret

--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list